Richard Chow, Sunnyvale US

Richard Chow, Sunnyvale, CA US

Patent application number

Description

Published

20090144255

AUGMENTING PRIVACY POLICIES WITH INFERENCE DETECTION - A system is provided for augmenting a privacy policy. During operation, the system obtains a set of training documents and at least one seed keyword associated with the privacy policy. The system extracts a number of candidate keywords from the training documents and formulates at least one query based on the candidate keywords. The system then issues the query to a corpus. In response to the query, the system receives a set of result documents. The system further determines whether a respective keyword extracted from the result documents matches at least one seed keyword. The system then augments the privacy policy by associating the candidate keyword corresponding to the respective keyword with the privacy policy based on the determination. In addition, the system applies the augmented privacy policy to a subject document and produces a result to indicate whether the subject document is in violation of the privacy policy.

06-04-2009

20090150365

INBOUND CONTENT FILTERING VIA AUTOMATED INFERENCE DETECTION - A system is provided to detect email spam. During operation, the system receives an email, extracts a set of keywords from the email body, and constructs a first search query based a keyword extracted from the email body. The system further constructs a second search query based on the keyword in the first query and one additional word which pertains to a known spam word or to the subject of the email. Next, the system receives a first number of hits and a second number of hits in response to the first and second search queries, respectively. The system then determines whether the email is spam based on the first number and the second number. The system can also perform Website filtering using inference detection which is based on search results received in response to search queries formulated with keywords extracted from Websites.

06-11-2009

20090157650

OUTBOUND CONTENT FILTERING VIA AUTOMATED INFERENCE DETECTION - One embodiment of the present invention provides a system that facilitates filtering outbound content via inference detection. During operation, the system identifies content sent to a first address and extracts keywords from the identified content. The system then issues queries based on these keywords and extracts expected-content keywords from the hits returned in response to the queries. The system then searches the outbound content for occurrences of the expected-content keywords and produces a result which allows a user to determine whether the outbound content is proper. In a further embodiment, the system extracts keywords from a piece of outbound content, and issues queries based on these keywords. The system then extracts keywords from the hits, and present at least one keyword to a user, thereby allowing the user to determine whether the outbound content is proper.

06-18-2009

20090235327

SELECTABLE CAPTCHAS - A system for displaying a set of selectable CAPTCHAs produces a first set of CAPTCHAs whose images are based at least partially on an alphanumeric sequence, where a respective CAPTCHA in the first set is associated with a CAPTCHA property. The system also produces a second set of CAPTCHAs whose images are based at least partially on an alphanumeric sequence, where a respective CAPTCHA in the second set is not associated with a CAPTCHA property. Next, the system displays the first and second sets of CAPTCHAs. Finally, the system makes respective CAPTCHAs in the first and second sets of CAPTCHAs selectable, thereby allowing a user to pass a CAPTCHA challenge by distinguishing the first set of CAPTCHAs from the second set of CAPTCHAs without typing the words associated with the images.

09-17-2009

20090249220

METHOD AND APPARATUS FOR VERIFYING INTEGRITY OF REDACTED DOCUMENTS - One embodiment of the present invention provides a system which allows a document owner to redact content from a document and allows a recipient of the redacted document to challenge the appropriateness of the redaction. During operation, the system allows the document owner to redact a string M

10-01-2009

20100048167

ADJUSTING SECURITY LEVEL OF MOBILE DEVICE BASED ON PRESENCE OR ABSENCE OF OTHER MOBILE DEVICES NEARBY - One embodiment of the present invention provides a method for adjusting security status on a mobile device, the method comprising: collecting security-related contextual information which includes information of nearby mobile devices and/or the geographic location of the intelligent mobile device; evaluating a threat level based on the collected security-related contextual information; invoking a security policy; and adjusting the security status of the mobile device based on the threat level and the security policy.

02-25-2010

20100049682

INFERENCE DETECTION ENABLED BY INTERNET ADVERTISING - One embodiment of the present invention provides a system that performs inference detection based on Internet advertisements. In doing so, this system first receives a set of topic words, performs a search query on each topic word using a search engine, and gathers a set of Uniform Resource Locators (URLs) associated with sponsored advertisement from the search results corresponding to each search query. Then, the system determines a correlation between two topic words based on their corresponding URLs associated with sponsored advertisement, and produces a result which indicates groups of correlated topic words.

02-25-2010

20100076957

METHOD AND APPARATUS FOR DETECTING SENSITIVE CONTENT IN A DOCUMENT - One embodiment of the present invention provides a system that detects sensitive content in a document. In doing so, the system receives a document, identifies a set of terms in the document that are candidate sensitive terms, and generates a combination of terms based on the identified terms that is associated with a semantic meaning. Next, the system performs searches through a corpus based on the combination of terms and determines hit counts returned for each term in the combination and for the combination. The system then determines whether the combination of terms is sensitive based on the hit count for the combination and the hit counts for the individual terms in the combination, and generates a result that indicates portions of the document which contain sensitive combinations.

03-25-2010

20100122329

AUTHENTICATION BASED ON USER BEHAVIOR - One embodiment of the present invention provides a system for authenticating a user. During operation, the system records user behavior history at one or more devices associated with the user. The system then extracts user information associated with a place and/or an activity from the recorded user behavior history. The system further generates one or more challenges based on the extracted user information, thereby facilitating the verification of the user's identity.

05-13-2010

20100122340

ENTERPRISE PASSWORD RESET - One embodiment of the present invention provides a system for automatically authenticating a user. During operation, the system receives a user's request for authentication. The system then extracts information associated with the user from user-specific information stored in an enterprise computer. The extracted user information does not explicitly relate to a password. The system further generates one or more challenges based on the extracted user information, and receives the user's response to the challenges. Subsequently, the system compares the user's response to the extracted user information, and authenticates the user.

05-13-2010

20100122341

AUTHENTICATING USERS WITH MEMORABLE PERSONAL QUESTIONS - One embodiment provides a system that verifies a user's identity. The system generates a list including a plurality of items and formulates a substantially large set of security questions base on the plurality of items. The number of questions in the set is significantly larger than a subset of security questions presented to the user to reduce the likelihood of the same questions being asked repeatedly. During account creation, the system presents to the user the subset of questions, and receives and stores a response from the user. At least one question in the subset is selected based on user information that is automatically extracted from devices associated with the user. Subsequently, the system receives a request to reset the user's password and presents the subset of questions to the requester. The system determines whether the requester is the user by comparing the requester's response with the stored user response.

05-13-2010

20100125906

RESETTING A FORGOTTEN PASSWORD USING THE PASSWORD ITSELF AS AUTHENTICATION - One embodiment of the present invention provides a system for resetting a user's forgotten password. During operation, the system receives a user's request for resetting the user's forgotten password and derives one or more challenges from the user's forgotten password. The system then presents the derived challenges to the user and receives a response from the user to the challenges. The system further compares the user's response to the one or more challenges with the user's forgotten password, thereby facilitating password resetting.

05-20-2010

20100274791

WEB-BASED TOOL FOR DETECTING BIAS IN REVIEWS - One embodiment provides a computer system for detecting associations between a reviewer and an entity under review. During operation, the system estimates a relationship strength between the reviewer and the entity under review, and determines whether the relationship strength between the reviewer and the entity under review exceeds a predetermined threshold.

10-28-2010

20110016534

IMPLICIT AUTHENTICATION - Embodiments of the present disclosure provide a method and system for implicitly authenticating a user to access controlled resources. The system receives a request to access the controlled resources. The system then determines a user behavior score based on a user behavior model, and recent contextual data about the user. The user behavior score facilitates identifying a level of consistency between one or more recent user events and a past user behavior pattern. The recent contextual data, which comprise a plurality of data streams, are collected from one or more user devices without prompting the user to perform an action explicitly associated with authentication. The plurality of data streams provide basis for determining the user behavior score, but a data stream alone provides insufficient basis for the determination of the user behavior score. The system also provides the user behavior score to an access controller of the controlled resource.

01-20-2011

20110107205

METHOD AND APPARATUS FOR FACILITATING DOCUMENT SANITIZATION - One embodiment provides a system for facilitating sanitizing a modified version of a document relative to one or more sensitive topics. During operation, the system determines a privacy risk for a term in the modified version relative to the sensitive topics, wherein the privacy risk measures the extent to which the sensitive topic(s) can be inferred based on the term. Next, the system determines an information utility and privacy loss or gain for the modified version, where the information utility reflects the extent to which the modified version has changed and the privacy loss or gain reflects the extent to which the modified version is reduced in sensitivity.

05-05-2011

20110107434

PRIVACY THROUGH ARTIFICIAL CONTEXTUAL DATA GENERATION - Embodiments of the present disclosure provide a method and system for protecting privacy by generating artificial contextual data. The system collects real contextual data related to a user. The system then generates artificial contextual data, based on the collected real contextual data. The system also groups the generated contextual data into one or more groups. Each group of contextual data corresponds to a persona that can be presented as the user's persona. Subsequently, the system transmits the generated contextual data to an entity, thereby allowing the user to obscure the real contextual data related to the user.

05-05-2011

20110113028

METHOD AND APPARATUS FOR PERFORMING CONTEXT-BASED ENTITY ASSOCIATION - A targeted advertising system performs context-based association mining using a publicly available corpus to identify a product or brand name that, under a given context, is associated with a product or brand being marketed. The system analyzes documents within the publicly available corpus that are associated with the given context, and identifies products or brand names that have a high association to the product or brand being marketed. The system can also analyze the publicly available corpus to determine contextual information which is correlated to two or more products or brand names. This contextual information includes a set of terms that facilitates filtering the publicly available corpus into an optimal set of documents that has a high association to a desired market category or demographic.

05-12-2011

20120137340

IMPLICIT AUTHENTICATION - Embodiments of the present disclosure provide a method and system for implicitly authenticating a user to access controlled resources. The system first receives a request to access the controlled resource from a user. Then, the system determines whether the user request is inconsistent with regular user behavior by calculating a user behavior measure derived from historical contextual data of past user events. Next, responsive to the determined inconsistency of the user request, the system collects current contextual data of the user from one or more user devices without prompting the user to perform an explicit action for authentication. The system further updates the user behavior measure based on the collected current contextual data, and provides the updated user behavior measure to an access controller of the controlled resource to make an authentication decision based at least on the updated user behavior measure.

05-31-2012

20120204026

PRIVACY-PRESERVING AGGREGATION OF TIME-SERIES DATA - A private stream aggregation (PSA) system contributes a user's data to a data aggregator without compromising the user's privacy. The system can begin by determining a private key for a local user in a set of users, wherein the sum of the private keys associated with the set of users and the data aggregator is equal to zero. The system also selects a set of data values associated with the local user. Then, the system encrypts individual data values in the set based in part on the private key to produce a set of encrypted data values, thereby allowing the data aggregator to decrypt an aggregate value across the set of users without decrypting individual data values associated with the set of users, and without interacting with the set of users while decrypting the aggregate value. The system also sends the set of encrypted data values to the data aggregator.

08-09-2012

20130042327

GUIDED IMPLICIT AUTHENTICATION - Embodiments of the present disclosure provide a method and system for guided implicit authentication. The system first receives a request to access the controlled resource from a user. The system then determines whether the user request is inconsistent with regular user behavior by calculating a user behavior measure derived from historical contextual data of past user events. Next, the system allows the user to provide information associated with regular user behavior and/or current contextual data. The system further updates the user behavior measure based on current contextual data.

02-14-2013

20130151540

PRIVACY-PRESERVING COLLABORATIVE FILTERING - A recommender system can generate a predicted item rating for one user by performing collaborative filtering on item ratings from other users. The recommender system can include a client device that interfaces with a server to obtain a predicted item rating for a local user. The client device can generate a standardized ratings vector for the user, and computes a group identifier for the user based on the standardized ratings vector. The system also generates a noisy ratings vector for the local user, and sends a user-ratings snapshot to a recommendation server that includes the group identifier and the noisy ratings vector. The recommender system can also include the recommendation server that generates a predicted item rating for the user by performing collaborative filtering on ratings vectors from a plurality of other users that belong to the same ratings group.

06-13-2013

20130262216

PERFORMANCE-EFFICIENT SYSTEM AND METHOD FOR SAMPLING USERS FOR POPULATION-CENTRIC ACTIVITY MODELING - A performance-efficient activity-modeling system generates a group-activity model for a population group using information from an optimal subset of users of the population group. During operation, the system computes utility scores for a set of users based on a utility-scoring function, such that a respective utility score indicates a usefulness or penalty of collecting a corresponding user's contextual information. The system then selects, from the set of users, a subset of users with highest utility scores, and receives user information from each of the selected users. The system generates the group-activity model based on the user information received from the selected users.

10-03-2013

20140041039

VECTORIAL PRIVATE EQUALITY TESTING - A system for equality testing, the system comprising a first client device including a first private data unit, a second client device including a second private data unit, and a server. The server receives a first obfuscated data unit corresponding to the first private data unit from the first client device, and a second obfuscated data unit corresponding to the second private data unit from the second client device. The server performs a vector calculation based on the first and second obfuscated data units to generate a combination of the first and second obfuscated data units. The server sends the combination to the first client device. The first client device is configured to determine whether the first private data unit is equal to the second private data unit based on the combination.

02-06-2014

20140237623

COMPUTING SYSTEM WITH PROTOCOL PROTECTION MECHANISM AND METHOD OF OPERATION THEREOF - A computing system includes: a control unit configured to: determine a protocol profile including a first protocol and a second protocol for communicating between a first device and a second device, generate a unified-protocol privacy mechanism for a privacy protection scenario, the unified-protocol privacy mechanism based on combining the first protocol and the second protocol; and a communication unit, coupled to the control unit, configured to communicate content information according to the unified-protocol privacy mechanism between the first device and the second device.